Puma Security Serverless Prey Serverless Prey is a collection of serverless functions (FaaS), that, once launched to a cloud environment and invoked, establish a TCP reverse shell, enabling the user to introspect the underlying...
The post serverless prey: serverless functions for establishing reverse shells appeared first on Penetration Testing Tools.
The WinPmem memory acquisition driver and userspace WinPmem has been the default open-source memory acquisition driver for windows for a long time. It used to live in the Rekall project but has recently been...
The post WinPmem: WinPmem memory acquisition driver and userspace appeared first on Penetration Testing Tools.
FileInsight-plugins: decoding toolbox of McAfee FileInsight hex editor for malware analysis FileInsight-plugins is a large set of plugins for the McAfee FileInsight hex editor. It adds many capabilities such as decryption, decompression, searching XOR-ed...
The post FileInsight-plugins: decoding toolbox of McAfee FileInsight hex editor appeared first on Penetration Testing Tools.
RustPotato is a Rust-based implementation of GodPotato, a privilege escalation tool that abuses DCOM and RPC to leverage SeImpersonatePrivilege and gain NT AUTHORITY\SYSTEM privileges on Windows systems. Key Features TCP-based Reverse Shell: RustPotato features a TCP-based reverse shell based on Rustic64Shell. It leverages Winsock APIs...
The post RustPotato: privilege escalation tool appeared first on Penetration Testing Tools.
Fuzzable Framework for Automating Fuzzable Target Discovery with Static Analysis Vulnerability researchers conducting security assessments on software will often harness the capabilities of coverage-guided fuzzing through powerful tools like AFL++ and libFuzzer. This is important as...
The post fuzzable: Automating Fuzzable Target Discovery with Static Analysis appeared first on Penetration Testing Tools.
NTLM Relay Gat NTLM Relay Gat is a powerful tool designed to automate the exploitation of NTLM relays using ntlmrelayx.py from the Impacket tool suite. By leveraging the capabilities of ntlmrelayx.py, NTLM Relay Gat streamlines...
The post NTLM Relay Gat: automate the exploitation of NTLM relays appeared first on Penetration Testing Tools.
Hfinger – fingerprinting HTTP requests Tool for fingerprinting HTTP requests of malware. Based on Tshark and written in Python3. Working prototype stage 🙂 Its main objective is to provide a representation of malware requests...
The post Hfinger: fingerprinting HTTP requests appeared first on Penetration Testing Tools.
ACEshark ACEshark is a utility designed for rapid extraction and analysis of Windows service configurations and Access Control Entries, eliminating the need for tools like accesschk.exe or other non-native binaries. Why? Efficiently identify and analyze service...
The post ACEshark: extraction and analysis of Windows service configurations and Access Control Entries appeared first on Penetration Testing Tools.
Driver Buddy Reloaded Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks. It has a number of handy features, such as: Identifying the type...
The post DriverBuddyReloaded: automate some tedious Windows Kernel Drivers reverse engineering tasks appeared first on Penetration Testing Tools.
QCSuper QCSuper is a tool communicating with Qualcomm-based phones and modems, allowing to capture raw 2G/3G/4G (and for certain models 5G) radio frames, among other things. It will allow you to generate PCAP captures of it using either...
The post QCSuper: capture raw 2G/3G/4G/ 5G radio frames appeared first on Penetration Testing Tools.
Speakeasy Speakeasy is a portable, modular, binary emulator designed to emulate Windows kernel and user mode malware. Instead of attempting to perform dynamic analysis using an entire virtualized operating system, Speakeasy will emulate specific...
The post Speakeasy: emulate Windows kernel and user mode malware appeared first on Penetration Testing Tools.
MEGR-APT MEGR-APT is a scalable APT hunting system to discover suspicious subgraphs matching an attack scenario (query graph) published in Cyber Threat Intelligence (CTI) reports. MEGR-APT hunts APTs in a twofold process: (i) memory-efficient...
The post MEGR-APT: A Memory-Efficient APT Hunting System appeared first on Penetration Testing Tools.
SessionProbe SessionProbe is a multi-threaded pentesting tool designed to assist in evaluating user privileges in web applications. It takes a user’s session token and checks for a list of URLs if access is possible,...
The post SessionProbe: assist in evaluating user privileges in web applications appeared first on Penetration Testing Tools.
SharpADWS SharpADWS is an Active Directory reconnaissance and exploitation tool for Red Teams that collects and modifies Active Directory data via the Active Directory Web Services (ADWS) protocol. Typically, enumeration or manipulation of Active...
The post SharpADWS: Active Directory reconnaissance and exploitation for Red Teams appeared first on Penetration Testing Tools.
freki Freki is a free and open-source malware analysis platform. Goals Facilitate malware analysis and reverse engineering; Provide an easy-to-use REST API for different projects; Easy deployment (via Docker); Allow the addition of new...
The post freki: Malware analysis platform appeared first on Penetration Testing Tools.
gubble gubble is a tool designed to audit Google Workspace group settings. It analyzes settings such as who can join, view membership, post messages, view conversations, and more to help identify potential security risks associated...
The post gubble: audit Google Workspace group settings appeared first on Penetration Testing Tools.
Hunt-Sleeping-Beacons This project is ( mostly ) a callstack scanner which tries to identify IOCs indicating an unpacked or injected C2 agent. All checks are based on the observation that C2 agents wait between...
The post Hunt-Sleeping-Beacons: identify beacons appeared first on Penetration Testing Tools.
AlphaGolang AlphaGolang is a collection of IDAPython scripts to help malware reverse engineers master Go binaries. The idea is to break the scripts into concrete steps, thus avoiding brittle monolithic scripts, and mimicking the...
The post AlphaGolang: IDApython Scripts for Analyzing Golang Binaries appeared first on Penetration Testing Tools.
Malduck Malduck is your ducky companion in malware analysis journeys. It is mostly based on the Roach project, which derives many concepts from mlib library created by Maciej Kotowicz. The purpose of the fork was to make Roach...
The post Malduck: make library for malware researchers appeared first on Penetration Testing Tools.
Vermilion Vermilion is a simple and lightweight CLI tool designed for rapid collection, and optional exfiltration of sensitive information from Linux systems. Its primary purpose is to streamline the process of gathering critical data...
The post vermilion: Linux post exploitation tool for info gathering and exfiltration appeared first on Penetration Testing Tools.
